Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-03 | CVE-2019-20810 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. | Ubuntu_linux, Linux_kernel, Leap | 5.5 | ||
| 2020-04-13 | CVE-2020-11736 | fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. | Ubuntu_linux, Debian_linux, File\-Roller | 3.9 | ||
| 2019-02-04 | CVE-2019-3813 | Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. | Ubuntu_linux, Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Spice | 7.5 | ||
| 2020-05-15 | CVE-2020-11521 | libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 6.6 | ||
| 2020-05-15 | CVE-2020-11526 | libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 2.2 | ||
| 2020-05-26 | CVE-2020-12395 | Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird | 9.8 | ||
| 2020-05-26 | CVE-2020-12392 | The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird | 5.5 | ||
| 2019-02-28 | CVE-2019-1999 | In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196. | Ubuntu_linux, Debian_linux, Android | 7.8 | ||
| 2019-09-23 | CVE-2019-16708 | ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2019-09-23 | CVE-2019-16710 | ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 |